#set( $symbol_pound = '#' )
#set( $symbol_dollar = '$' )
#set( $symbol_escape = '\' )
package ${package}.api.config.security;

import lombok.RequiredArgsConstructor;
import org.springframework.security.core.Authentication;
import org.springframework.security.oauth2.provider.authentication.BearerTokenExtractor;
import org.springframework.util.AntPathMatcher;
import org.springframework.util.PathMatcher;

import javax.servlet.http.HttpServletRequest;

/**
 * 对公开权限的请求不进行校验
 *
 * @author qingchang.tang
 * @date 2020/7/14 10:46
 */

@RequiredArgsConstructor
public class CustomBearerTokenExtractor extends BearerTokenExtractor {

    private final PathMatcher pathMatcher = new AntPathMatcher();

    private final PermitAllUrlProperties urlProperties;

    @Override
    public Authentication extract(HttpServletRequest request) {
        boolean match = matchesIgnoreUrl(request.getRequestURI());
        if (match) {
            return null;
        }

        return super.extract(request);
    }

    private boolean matchesIgnoreUrl(String lookupPath) {
        return urlProperties.getIgnoreUrls().stream()
                .anyMatch(url -> pathMatcher.match(url, lookupPath));
    }


}
